CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2010-1085 – kernel: ALSA: hda-intel: Avoid divide by zero crash
https://notcve.org/view.php?id=CVE-2010-1085
The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service (crash) via unknown manipulations that trigger a divide-by-zero error. La funcion azx_position_ok en hda_intel.c en el kernel de Linux v2.6.33-rc4 y anteriores, cuando correo bajo un chipset AMD780V, permite a atacantes dependientes de contexto producir una denegación de servicio (caída) a través de manipulaciones desconocidas que inician un error de división por cero. • http://lkml.org/lkml/2010/2/5/322 http://nctritech.net/bugreport.txt http://secunia.com/advisories/39649 http://secunia.com/advisories/43315 http://support.avaya.com/css/P8/documents/100088287 http://support.avaya.com/css/P8/documents/100090459 http://www.openwall.com/lists/oss-security/2010/02/22/2 http://www.redhat.com/support/errata/RHSA-2010-0394.html http://www.redhat.com/support/errata/RHSA-2010-0398.html http://www.securityfocus.com/archive/1/516397&#x • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2010-1087 – kernel: NFS: Fix an Oops when truncating a file
https://notcve.org/view.php?id=CVE-2010-1087
The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible. La funcion nfs_wait_on_request en fs/nfs/pagelist.c en Linux kernel desde v2.6.x hasta v2.6.33-rc5 permite a atacantes producir una denegación de servicio (OOPS) a través de vectores desconocidos relacionados con el truncado de un fichero y una operación que no se puede interrumpir. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=9f557cd8073104b39528794d44e129331ded649f http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html http://secunia.com/advisories/39830 http://secunia.com/advisories/40645 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.openwall.com/lists/oss-security/2010/03/03/1 http://www.securityfocus.com/archive/1/516397/100/0/threaded http://www. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 252EXPL: 0CVE-2010-1088 – kernel: fix LOOKUP_FOLLOW on automount "symlinks"
https://notcve.org/view.php?id=CVE-2010-1088
fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. fs/namei.c en Linux kernel desde v2.6.18 hasta v2.6.34, no siempre sigue los enlaces simbólicos de automontado NFS, lo que permite a atacantes producir un impacto desconocido, relacionado con LOOKUP_FOLLOW. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=ac278a9c505092dd82077a2446af8f9fc0d9c095 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.mandriva.com/security/advisories?name=MDVSA-2010:088 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.n •
CVSS: 7.8EPSS: 4%CPEs: 154EXPL: 0CVE-2010-1188 – kernel: ipv6: skb is unexpectedly freed
https://notcve.org/view.php?id=CVE-2010-1188
Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 before 2.6.20, when IPV6_RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service (kernel panic) via a SYN packet while the socket is in a listening (TCP_LISTEN) state, which is not properly handled and causes the skb structure to be freed. Vulnerabilidad de uso despues de liberacion en net/ipv4/tcp_input.c en el kernel Linux 2.6 en versiones anteriores a la 2.6.20, cuando IPV6_RECVPKTINFO está habilitado en un socket a la escucha, permite a atacantes remotos provocar una denegación de servicio (kernel panic) mediante un paquete SYN mientras el socket está en un estado de escucha (TCP_LISTEN), el cual no es manejado adecuadamente, provoca que la estructura skb sea liberada. • http://git.kernel.org/linus/fb7e2399ec17f1004c0e0ccfd17439f8759ede01 http://secunia.com/advisories/39652 http://support.avaya.com/css/P8/documents/100090459 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20 http://www.openwall.com/lists/oss-security/2010/03/29/1 http://www.redhat.com/support/errata/RHSA-2010-0380.html http://www.redhat.com/support/errata/RHSA-2010-0394.html http://www.redhat.com/support/errata/RHSA-2010-0424.html http://www.redhat.com/suppor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0CVE-2010-1187 – kernel: tipc: Fix oops on send prior to entering networked mode
https://notcve.org/view.php?id=CVE-2010-1187
The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference. La Transparent Inter-Process Communication (TIPC) del kernel de Linux versiones 2.6.16-rc1 hasta 2.6.33, y posiblemente otras versiones, permite a los usuarios locales causar una denegación de servicio (OOPS de kernel) mediante el envío de datagramas por medio de AF_TIPC antes de entrar en modo de red, lo que desencadena una desreferencia de puntero NULL. • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commitdiff%3Bh=d0021b252eaf65ca07ed14f0d66425dd9ccab9a6%3Bhp=6d55cb91a0020ac0d78edcad61efd6c8cf5785a3 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.openwall.com/lists/oss-security/2010/03/30/1 http://www.openwall.com/lists/oss-security/2010/03/31/1 http://www.securityfocus.com/archive&# • CWE-476: NULL Pointer Dereference •